BPIP and reading personal messages

[light_warrior]

Since the thread with the reply to my post has been closed, I still feel I should reply to the post of the esteemed Lucius. If this thread is inappropriate, please tell me so and I will close it.

~snip~
A limited number of people can read the personal messages. Personal messages are stored in the database in encrypted form and only those who have the decryption key can read them.

Given that my post, in which I stated, is another example of who can technically read PM, for those who do not read what others write and respond only to certain posts I will quote again. The post from 2012 is out of date anyway, unless Gavin still has the privilege of reading PMs, which would not only be illogical, but also dangerous since he's long gone to the dark side.

We don't log your IP address when the extension contacts our server but if you don't trust us you should use Tor or VPN. The extension can technically read any data from your BitcoinTalk session, including your PMs, but it doesn't do so. It collects user IDs from the page you're looking at - e.g. a list of posts in a thread - and sends that list of IDs to bpip.org to get info about those users, and only does so if you turn the optional features on (these features are off by default).

The extension works even if you browse BitcoinTalk.org without being logged in. The source code is not obfuscated and can be examined by anyone with sufficient JavaScript knowledge using developer tools built into most browsers. Same tools can also be used to check network traffic to/from the extension.

Okay, let's do it that way. I registered an alternate account Light_Warrior (Alt) and sent a test message to that account. Let the reputable suchmoon read this message using his BPIP extension. I'll even allow him to post it here in this thread.

[1714303625]

1714303625

[logfiles]

We don't log your IP address when the extension contacts our server but if you don't trust us you should use Tor or VPN. The extension can technically read any data from your BitcoinTalk session, including your PMs, but it doesn't do so. It collects user IDs from the page you're looking at - e.g. a list of posts in a thread - and sends that list of IDs to bpip.org to get info about those users, and only does so if you turn the optional features on (these features are off by default).

IMO, this is what I understood from what Suchmoon said. The fact is that the extension can read all the data on the page you are viewing, but it only collects other forms of data, such as User IDs. It's not designed/modified to collect data from PMs

The good thing is the code is open source. Anyone with some technical knowledge can help review it.

[Faisal2202]

IMO, this is what I understood from what Suchmoon said. The fact is that the extension can read all the data on the page you are viewing, but it only collects other forms of data, such as User IDs. It's not designed/modified to collect data from PMs

The good thing is the code is open source. Anyone with some technical knowledge can help review it.

I am new here you guys are senior, i always afraid to talk in between such topics but i am seeing this topic for quite some times, like many topics and threads i have read in these 2 days. Point is, dear logfiles, the meaning of suchmoon post is, these extensions have the capability to read and provide all the PMs but they do not do so because the setting is not set to show that data to public which means they could see them also.

The thing i am unable to understand is, when we try to send PM to someone we see a note at the bottom left corner that " Note: PM privacy is not guaranteed. Encrypt sensitive messages." Which is also a open indicator for everyone to be prepared for all types of security.

Which also means, these extensions have access to our PMs which i think should not have because i am ok with Administrators to have such access but not other members who are not even a part of the team of Theymos. TBH, if one do want to share someone a secret message they should avoid to send that directly instead do encryption or use TG to make discussions.

[TryNinja]

Okay, let's do it that way. I registered an alternate account Light_Warrior (Alt) and sent a test message to that account. Let the reputable suchmoon read this message using his BPIP extension. I'll even allow him to post it here in this thread.

That’s… not how this works.

“Theoretically” means the extension can naturally interact with the forum in any way IF, and only if, there is a code in there to specifically do that. Obviously there is nothing coded that says “if suchmoon clicks this button, the extension will read your DMs and send them over to him”. The thing is that there could be, which is why it’s theoretical.

[joker_josue]

Okay, let's do it that way. I registered an alternate account Light_Warrior (Alt) and sent a test message to that account. Let the reputable suchmoon read this message using his BPIP extension. I'll even allow him to post it here in this thread.

Any extension of your browser (theoretically) can obtain data from the pages you visit, be it the BPIP or any other. Fortunately, the vast majority of extensions do not collect information beyond what has been programmed, which guarantees some "security".

The use of extensions should always be done with great care and attention, as there are many malicious extensions. This is clearly not the case with BPIP, which does not record any and all information that appears on the page.

[suchmoon]

Okay, let's do it that way. I registered an alternate account Light_Warrior (Alt) and sent a test message to that account. Let the reputable suchmoon read this message using his BPIP extension. I'll even allow him to post it here in this thread.

As others already pointed out, the extension has the permission to do it, which you grant to the extension when you install it. Something along the lines of "access any data on bitcointalk.org", meaning as you browse bitcointalk.org with your browser (logged in or not) the extension would have access to anything your browser downloads from bitcointalk.org. And the extension makes use of this permission to inject snippets of HTML - such as links to BPIP/loyce.club/ninjastic.space, merit counts, etc - into bitcointalk.org pages as you browse them. It does not collect your PMs though. You can verify that by looking at its source code, or you would have to trust the developers, which is what I was attempting to say in that post that Lucius quoted.

I don't know the full context that made you create this thread so let me point one other thing that is blatantly obvious but doesn't appear to be stated in that quote: the extension works only in the browser instance where it is installed and enabled. If you don't have it installed (as is the case for 99.9% users) then you don't have the above theoretical risk.

[light_warrior]

Thank you for your comments.  Here's the matter in a different way. I am primarily interested in the way the question is posed. When I wrote that private messages can be read only by those who have the key to decrypt the database (i.e. a rather limited number of people) and quoted the words of theymos, the esteemed Lucius responded by saying that I cannot read the forum and quoted the words of the esteemed suchmoon as a refutation of my words.

That is, it turns out that the esteemed Lucius is 100% sure that the BPIP extension can read private messages. That's what I propose to prove in practice the words of respected suchmoon, which are so zealously referred to by respected Lucius. Because a man should be responsible for his words. I think so.

As others already pointed out, the extension has the permission to do it, which you grant to the extension when you install it. Something along the lines of "access any data on bitcointalk.org", meaning as you browse bitcointalk.org with your browser (logged in or not) the extension would have access to anything your browser downloads from bitcointalk.org. And the extension makes use of this permission to inject snippets of HTML - such as links to BPIP/loyce.club/ninjastic.space, merit counts, etc - into bitcointalk.org pages as you browse them. It does not collect your PMs though. You can verify that by looking at its source code, or you would have to trust the developers, which is what I was attempting to say in that post that Lucius quoted.

I don't know the full context that made you create this thread so let me point one other thing that is blatantly obvious but doesn't appear to be stated in that quote: the extension works only in the browser instance where it is installed and enabled. If you don't have it installed (as is the case for 99.9% users) then you don't have the above theoretical risk.

Thanks for the comment. I have your extension running and it has been granted all the permissions it requested.

Can you answer me specifically, you can use the BPIP extension to read my private message. What permissions do I have to grant the extension to do this? I want to make sure that theymos words are not outdated and still valid. And to convince the esteemed Lucius of this.

[suchmoon]

Can you answer me specifically, you can use the BPIP extension to read my private message. What permissions do I have to grant the extension to do this? I want to make sure that theymos words are not outdated and still valid. And to convince the esteemed Lucius of this.

I can't read your PMs. There is no code in the extension that would send the contents of PMs to me (or to anyone). It's as simple as that. This can be verified by anyone with some Javascript proficiency.

There are no additional permissions that could change this. As I mentioned, the extension already has full permission to access bitcointalk.org content in your browser but it only uses this permission for the narrow purposes it's designed for.

So the short answer is NO. Whether that will convince Lucius - I don't know.

[light_warrior]

Can you answer me specifically, you can use the BPIP extension to read my private message. What permissions do I have to grant the extension to do this? I want to make sure that theymos words are not outdated and still valid. And to convince the esteemed Lucius of this.

I can't read your PMs. There is no code in the extension that would send the contents of PMs to me (or to anyone). It's as simple as that. This can be verified by anyone with some Javascript proficiency.

There are no additional permissions that could change this. As I mentioned, the extension already has full permission to access bitcointalk.org content in your browser but it only uses this permission for the narrow purposes it's designed for.

So the short answer is NO. Whether that will convince Lucius - I don't know.

Sorry to be intrusive One last question on this theme and I'll get off your back. Is it possible to add code to an extension and still access private forum user message or is it a priori impossible without getting additional permissions from theymos?

[logfiles]

Sorry to be intrusive One last question on this theme and I'll get off your back. Is it possible to add code to an extension and still access private forum user message or is it a priori impossible without getting additional permissions from theymos?

It's possible to add code that would collect the page contents it accesses/reads including PMs if you are logged in and opened your messages and then send it over, but that would mean you would have to first update from the current extension version to the new version because the current version is not designed to do that.

Anyone who reviews the code before updating the extension would be able to see the changes. But I am not sure why you are so worried about this. There is already a warning regarding PM privacy and sending of sensitive information over the forum.

[Stalker22]

Is it possible to add code to an extension and still access private forum user message or is it a priori impossible without getting additional permissions from theymos?

It seems you already got that answer in the previous comments.

Any browser extension can be designed to access the content of everything you do online, even private messages on the bitcointalk.org forum. Basically, whatever you see, the extension could see and potentially even more. But just to be clear, I'm not talking specifically about the BPIP extension; I mean any browser extension in general. And this has nothing to do with the fact that private messages are encrypted on the server.

So, it is important to be mindful of what you are adding to your browser. The silver lining is that all these extensions are open source, imo.

[suchmoon]

Sorry to be intrusive One last question on this theme and I'll get off your back. Is it possible to add code to an extension and still access private forum user message or is it a priori impossible without getting additional permissions from theymos?

What logfiles said. It is possible in theory but only if you install a new version of the extension. You can disable automatic updates and/or review the source code of any new version that gets installed so you (the user) can be in full control of this.

theymos doesn't get any say in this. It's entirely up to you, your browser, and the extensions you install in your browser.

(edit - spelling)

[SamReomo]

Can you answer me specifically, you can use the BPIP extension to read my private message. What permissions do I have to grant the extension to do this? I want to make sure that theymos words are not outdated and still valid. And to convince the esteemed Lucius of this.

I can't read your PMs. There is no code in the extension that would send the contents of PMs to me (or to anyone). It's as simple as that. This can be verified by anyone with some Javascript proficiency.

There are no additional permissions that could change this. As I mentioned, the extension already has full permission to access bitcointalk.org content in your browser but it only uses this permission for the narrow purposes it's designed for.

So the short answer is NO. Whether that will convince Lucius - I don't know.

Sorry to be intrusive One last question on this theme and I'll get off your back. Is it possible to add code to an extension and still access private forum user message or is it a priori impossible without getting additional permissions from theymos?

That's possible and can be done by a malicious actor who knows JavaScript programming. The malicious actor can change the code of the extension in a way that the extension will be able to collect the information about the private messages of a user. And, the malicious actor can do that without theymos's permission because in such cases the permission of the administrator isn't required.

A user gives complete permission to an extension to access all the data of bitcointalk.org would know that he/she is willing to allow such extension to be installed on his browser which could theoretically access and read the data of bitcointalk.org on that user's browser where the extension is installed. Like @suchmoon clarified that people could look at the source code of the extension to verify that the extension is not collecting data of the user's PM's, and that's more than enough for us to know that there private messages of a user are in privacy of the user and they won't be shared by the extension. However, you should know that the extension can access the PM's and if someone add some code changes in the extension then in that case it may collect the private data of the user without anyone's permission.

[suchmoon]

That's possible and can be done by a malicious actor who knows JavaScript programming.

Extensions are signed and tied to the author's account so only the author of the extension can update it. You're making it sound like anybody can do it. That's not correct. The "malicious actor" can change the code (on the actor's computer) but they won't be able to deploy it to other users.

[SamReomo]

That's possible and can be done by a malicious actor who knows JavaScript programming.

Extensions are signed and tied to the author's account so only the author of the extension can update it. You're making it sound like anybody can do it. That's not correct. The "malicious actor" can change the code (on the actor's computer) but they won't be able to deploy it to other users.

Nah, you interpreted my words in a wrong way. I was not saying that the malicious actor would change it on a particular user's system, but it would change the code altogether and then upload the extension on another site or upload it on chrome's extension page from another account which is not the original account of the extension.

That's a possibly because the source code is open and anyone with programming knowledge can modify the code and redistribute the extension to the users. Those malicious actors won't be able to update the extension which was posted on chrome extension site by the original creator but they can create fake versions of the extension with same credentials.

[SquirrelJulietGarden]

That's a possibly because the source code is open and anyone with programming knowledge can modify the code and redistribute the extension to the users. Those malicious actors won't be able to update the extension which was posted on chrome extension site by the original creator but they can create fake versions of the extension with same credentials.

Have an open source extension is great as if you have coding knowledge, you can verify code but if you can not do code verification by yourself, you should not rely on other reviews and verification to use any extension.

If you are seriously worrying about something malicious behind extensions, just don't use any extension. Basically browsers provide us enough fundamental features to use. Don't require too much customized features while you are not a coder, don't have coding and security knowledge, then adding more risk on your devices.

[light_warrior]

Sorry to be intrusive One last question on this theme and I'll get off your back. Is it possible to add code to an extension and still access private forum user message or is it a priori impossible without getting additional permissions from theymos?

What logfiles said. It is possible in theory but only if you install a new version of the extension. You can disable automatic updates and/or review the source code of any new version that gets installed so you (the user) can be in full control of this.

theymos doesn't get any say in this. It's entirely up to you, your browser, and the extensions you install in your browser.

(edit - spelling)

Thank you for your comment. From our conversation, I realized that theoretically, if you modify the BPIP extension, it will be able to read any information on any open page. Accordingly, if a page with private messages is opened, the extension will be able to read what is written there. But if do not open the private messages page when the extension is running, it will not be able to read private messages. And the extension has no access to the encrypted database itself, where private messages of forum users are stored.

[suchmoon]

Thank you for your comment. From our conversation, I realized that theoretically, if you modify the BPIP extension, it will be able to read any information on any open page. Accordingly, if a page with private messages is opened, the extension will be able to read what is written there. But if do not open the private messages page when the extension is running, it will not be able to read private messages. And the extension has no access to the encrypted database itself, where private messages of forum users are stored.

I feel like "modifying extension code" is misunderstood in this context. I can't modify the code in your browser without you noticing. You can modify the code in your browser but then you would be reading your own PMs. Someone else can't modify the code in your browser to sneak into your PMs.

That's a possibly because the source code is open and anyone with programming knowledge can modify the code and redistribute the extension to the users. Those malicious actors won't be able to update the extension which was posted on chrome extension site by the original creator but they can create fake versions of the extension with same credentials.

So that would be someone creating a new, separate, malicious extension. I don't think this has anything to do with BPIP. Such a malicious person wouldn't even need our code - there is nothing special in it and it doesn't have anything that would help reading the PMs and/or sending them somewhere. But yes, if you install a random extension and grant it permissions to bitcointalk.org (or gmail, or your bank's website), chances are that bad things could happen.

[SamReomo]

That's a possibly because the source code is open and anyone with programming knowledge can modify the code and redistribute the extension to the users. Those malicious actors won't be able to update the extension which was posted on chrome extension site by the original creator but they can create fake versions of the extension with same credentials.

So that would be someone creating a new, separate, malicious extension. I don't think this has anything to do with BPIP. Such a malicious person wouldn't even need our code - there is nothing special in it and it doesn't have anything that would help reading the PMs and/or sending them somewhere. But yes, if you install a random extension and grant it permissions to bitcointalk.org (or gmail, or your bank's website), chances are that bad things could happen.

I agree that the extension which a user downloads from an unknown source doesn't have anything to do with BPIP.ORG because that's would be the fault of the user who installs it without verifying the source. The BPIP.ORG provides a reputed extension as we all know and it would never do anything to read the PM's of a user.

There are chances that the malicious actors who may create a similar clone of BPIP extension with the same code but with additional permissions of reading someone's PM's but that thing doesn't have anything to do with BPIP.ORG and the user who installs such extensions should be responsible for any damages he/she receives by installing such extensions.

[Stalker22]

Thank you for your comment. From our conversation, I realized that theoretically, if you modify the BPIP extension, it will be able to read any information on any open page. Accordingly, if a page with private messages is opened, the extension will be able to read what is written there. But if do not open the private messages page when the extension is running, it will not be able to read private messages. And the extension has no access to the encrypted database itself, where private messages of forum users are stored.

Speaking strictly theoretically, let us assume you have a malicious extension installed in your browser (I am not referring to the bpip.org extension here), and you access the bitcointalk.org forum using your credentials. At this point, an active session with the website is established, granting access to any forum page, including your private messages. The extension could theoretically exploit this active session to access your private messages in the background, all without you even noticing. Therefore, it is not necessary for you to open your private messages for a malicious extension to "read" them. And once again, this is unrelated to encrypted data in the database, as the entire process takes place within your browser.